|
198131
|
8.8 |
HIGH
Network
|
schneider-electric
|
webreports
|
A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upl…
|
-
|
CVE-2020-7569
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198132
|
4.3 |
MEDIUM
Adjacent
|
schneider-electric
|
modicon_m221_firmware
|
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon M221 (all references, all versions) that could allow non sensitive information disclosure when th…
|
-
|
CVE-2020-7568
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198133
|
5.7 |
MEDIUM
Adjacent
|
schneider-electric
|
modicon_m221_firmware
|
A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to find the password hash when the attacker has captu…
|
-
|
CVE-2020-7567
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198134
|
7.3 |
HIGH
Adjacent
|
schneider-electric
|
modicon_m221_firmware
|
A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption keys when the attacker has captured t…
|
-
|
CVE-2020-7566
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198135
|
7.3 |
HIGH
Adjacent
|
schneider-electric
|
modicon_m221_firmware
|
A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption key when the attacker has captured …
|
-
|
CVE-2020-7565
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198136
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
easergy_t300_firmware
|
A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2.7 and older) that could cause a wide range of problems, including information exposure, d…
|
-
|
CVE-2020-7561
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198137
|
7.5 |
HIGH
Network
|
schneider-electric
|
ecostruxure_control_expert
|
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause …
|
-
|
CVE-2020-7559
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198138
|
7.8 |
HIGH
Local
|
schneider-electric
|
interactive_graphical_scada_system
|
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is impor…
|
-
|
CVE-2020-7558
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198139
|
7.8 |
HIGH
Local
|
schneider-electric
|
interactive_graphical_scada_system
|
A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is import…
|
-
|
CVE-2020-7557
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198140
|
7.8 |
HIGH
Local
|
schneider-electric
|
interactive_graphical_scada_system
|
A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is impor…
|
-
|
CVE-2020-7556
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
